Recently the ransomware gang Lapsus$ leaked credentials of 71,000 Nvidia employees on a Telegram page. This was discovered by the Information Security Media Group.
The group has also breached big tech companies including Microsoft and Samsung. The group used the messaging app Telegram for data dump announcements and recruitment. Microsoft gave the group the designation DEV-0537.
The Lapsus$ ransomware group released a portion of the highly confidential stolen data, comprising source codes, GPU drivers and documentation on Nvidia’s fast logic controller product, also known as Falcon and Lite Hash Rate or LHR GPU.
Following this, Lapsus$ demanded $1 million and a percentage of an unspecified fee from Nvidia for the Lite Hash Rate bypass.
This type of attack may be common but the scale of the attack and the nature of the demands from the hacking group is at a new level and one of wider concern to the corporate world.
Looking into the issue for Digital Journal, is Gary Ogasawara, CTO of Cloudian.
Ogasawara places this latest attack in the eider context of cybersecurity matters, noting: “Ransomware attacks are continuing to infiltrate organizations and cause significant disruption.”
One reason why attack are commonplace and seemingly successful is due to the incorrect focus of many security systems. Here Ogasawara opines: “Unfortunately, when it comes to protecting against these types of attacks, much of the discussion has centered on perimeter security and other traditional defenses that have clearly fallen short.”
In addition, the expert finds: “These strategies simply aren’t enough to combat today’s sophisticated attacks. In fact, a survey of organizations that experienced a ransomware attack found that almost 50% had perimeter defenses in place at the time of the attack but were still penetrated.”
There are better measures to take. Here Ogasawara recommends: “When it comes to protecting sensitive data, encrypting data both in flight and at rest is essential to keep cybercriminals from reading it or making it public in any intelligible form.”
Further, Ogasawara states: Most importantly organizations should have an immutable (unchangeable) backup copy of their data which prevents such criminals from altering or deleting that data and ensures the ability to recover the uninfected backup copy in the event of an attack, without paying ransom.”